diff options
Diffstat (limited to 'ops/modules/quassel.nix')
-rw-r--r-- | ops/modules/quassel.nix | 83 |
1 files changed, 83 insertions, 0 deletions
diff --git a/ops/modules/quassel.nix b/ops/modules/quassel.nix new file mode 100644 index 000000000000..6acb0615f4c0 --- /dev/null +++ b/ops/modules/quassel.nix @@ -0,0 +1,83 @@ +# A more modern module for running Quassel. +{ config, lib, pkgs, ... }: + +let + cfg = config.services.depot.quassel; + quasselDaemon = pkgs.quassel.override { + monolithic = false; + enableDaemon = true; + withKDE = false; + }; +in +{ + options.services.depot.quassel = with lib; { + enable = mkEnableOption "Quassel IRC daemon"; + + acmeHost = mkOption { + description = "ACME host to use for the Quassel TLS certificate"; + type = lib.types.str; + }; + + bindAddresses = mkOption { + description = "Addresses Quassel will bind to/listen on"; + default = [ "127.0.0.1" ]; + }; + + logLevel = mkOption { + description = "Log level for Quassel Core"; + default = "Info"; + type = lib.types.enum [ + "Debug" + "Info" + "Warning" + "Error" + ]; + }; + + port = mkOption { + default = 6698; + description = '' + The port number the Quassel daemon will be listening to. + ''; + }; + }; + + config = with lib; mkIf cfg.enable { + networking.firewall.allowedTCPPorts = [ cfg.port ]; + + systemd.services.quassel = { + description = "Quassel IRC daemon"; + wantedBy = [ "multi-user.target" ]; + + script = concatStringsSep " " [ + "${quasselDaemon}/bin/quasselcore" + "--listen=${concatStringsSep "," cfg.bindAddresses}" + "--port=${toString cfg.port}" + "--configdir=/var/lib/quassel" + "--require-ssl" + "--ssl-cert=$CREDENTIALS_DIRECTORY/quassel.pem" + "--loglevel=${cfg.logLevel}" + ]; + + serviceConfig = { + Restart = "always"; + User = "quassel"; + Group = "quassel"; + StateDirectory = "quassel"; + + # Avoid trouble with the ACME file permissions by using the + # systemd credentials feature. + LoadCredential = "quassel.pem:/var/lib/acme/${cfg.acmeHost}/full.pem"; + }; + }; + + users = { + users.quassel = { + isSystemUser = true; + group = "quassel"; + }; + + groups.quassel = { }; + }; + }; +} |